Ubuntu update for linux-oracle-5.15



Risk High
Patch available YES
Number of vulnerabilities 56
CVE-ID CVE-2024-25742
CVE-2024-36947
CVE-2024-36919
CVE-2024-36929
CVE-2024-36955
CVE-2023-52585
CVE-2024-36931
CVE-2024-27399
CVE-2024-36957
CVE-2024-26980
CVE-2024-27398
CVE-2024-36902
CVE-2024-36928
CVE-2024-36960
CVE-2024-36904
CVE-2024-27017
CVE-2024-36959
CVE-2024-36880
CVE-2024-26936
CVE-2024-36975
CVE-2023-52882
CVE-2024-35848
CVE-2024-36886
CVE-2024-36889
CVE-2024-27401
CVE-2024-36906
CVE-2024-36937
CVE-2024-36016
CVE-2024-36964
CVE-2024-36933
CVE-2024-36031
CVE-2024-36969
CVE-2024-36954
CVE-2024-26900
CVE-2024-26952
CVE-2024-36017
CVE-2024-35947
CVE-2024-36965
CVE-2023-52752
CVE-2024-36905
CVE-2024-36938
CVE-2024-36952
CVE-2024-36940
CVE-2024-36916
CVE-2024-38600
CVE-2024-36946
CVE-2024-36953
CVE-2024-36967
CVE-2024-26886
CVE-2024-36934
CVE-2024-36950
CVE-2024-36941
CVE-2024-36883
CVE-2024-36944
CVE-2024-36939
CVE-2024-36897
CWE-ID CWE-94
CWE-401
CWE-667
CWE-388
CWE-476
CWE-125
CWE-193
CWE-416
CWE-399
CWE-682
CWE-200
CWE-20
CWE-362
CWE-119
CWE-908
CWE-787
CWE-269
CWE-369
CWE-415
Exploitation vector Network
Public exploit N/A
Vulnerable software
Ubuntu
Operating systems & Components / Operating system

linux-image-oracle (Ubuntu package)
Operating systems & Components / Operating system package or component

linux-image-5.15.0-1065-oracle (Ubuntu package)
Operating systems & Components / Operating system package or component

Vendor Canonical Ltd.

Security Bulletin

This security bulletin contains information about 56 vulnerabilities.

1) Code Injection

EUVDB-ID: #VU89087

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-25742

CWE-ID: CWE-94 - Improper Control of Generation of Code ('Code Injection')

Exploit availability: No

Description

The vulnerability allows a malicious hypervisor to escalate privileges on the system.

The vulnerability exists due to improper input validation when handling interrupts. A malicious hypervisor can inject interrupt 0x80, which is used by Linux for legacy 32-bit system calls, and arbitrarily change the value stored in EAX while a SEV VM is running.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Memory leak

EUVDB-ID: #VU91614

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36947

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the remove_device_files() function in drivers/infiniband/hw/qib/qib_fs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Improper locking

EUVDB-ID: #VU92010

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36919

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the bnx2fc_free_session_resc() function in drivers/scsi/bnx2fc/bnx2fc_tgt.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Improper error handling

EUVDB-ID: #VU93449

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36929

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the skb_alloc_rx_flag() and skb_copy_expand() functions in net/core/skbuff.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

5) Memory leak

EUVDB-ID: #VU91613

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36955

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the is_link_enabled() function in sound/hda/intel-sdw-acpi.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

6) NULL pointer dereference

EUVDB-ID: #VU91241

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52585

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the amdgpu_ras_query_error_status_helper() function in drivers/gpu/drm/amd/amdgpu/amdgpu_ras.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

7) Out-of-bounds read

EUVDB-ID: #VU90267

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36931

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the crw_inject_write() function in drivers/s390/cio/cio_inject.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

8) NULL pointer dereference

EUVDB-ID: #VU89673

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27399

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dreference error within the l2cap_chan_timeout() function in net/bluetooth/l2cap_core.c. A remote attacker can send specially crafted packets to the system and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

9) Off-by-one

EUVDB-ID: #VU91171

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36957

CWE-ID: CWE-193 - Off-by-one Error

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an off-by-one error within the rvu_dbg_qsize_write() function in drivers/net/ethernet/marvell/octeontx2/af/rvu_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

10) Out-of-bounds read

EUVDB-ID: #VU90320

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26980

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the __handle_ksmbd_work() function in fs/smb/server/server.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

11) Use-after-free

EUVDB-ID: #VU89672

Risk: Medium

CVSSv3.1: 5.7 [CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27398

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a use-after-free error within the sco_sock_timeout() function in net/bluetooth/sco.c. A remote attacker can trigger a use-after-free error and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

12) NULL pointer dereference

EUVDB-ID: #VU91222

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36902

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __fib6_rule_action() function in net/ipv6/fib6_rules.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

13) Resource management error

EUVDB-ID: #VU92961

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36928

CWE-ID: CWE-399 - Resource Management Errors

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to resource management error within the qeth_free_cq(), qeth_alloc_qdio_queues(), atomic_set(), qeth_free_qdio_queues() and qeth_qdio_poll() functions in drivers/s390/net/qeth_core_main.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

14) Out-of-bounds read

EUVDB-ID: #VU90819

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36960

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the vmw_event_fence_action_create() function in drivers/gpu/drm/vmwgfx/vmwgfx_fence.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

15) Use-after-free

EUVDB-ID: #VU90047

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36904

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the tcp_twsk_unique() function in net/ipv4/tcp_ipv4.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

16) Incorrect calculation

EUVDB-ID: #VU93615

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27017

CWE-ID: CWE-682 - Incorrect Calculation

Exploit availability: No

Description

The vulnerability allows a local user to manipulate data.

The vulnerability exists due to incorrect calculation within the nft_pipapo_walk() function in net/netfilter/nft_set_pipapo.c, within the nft_map_deactivate(), nf_tables_bind_set(), nft_map_activate(), nf_tables_dump_set(), nft_set_flush() and nf_tables_check_loops() functions in net/netfilter/nf_tables_api.c. A local user can manipulate data.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

17) Information disclosure

EUVDB-ID: #VU91321

Risk: Low

CVSSv3.1: 2.9 [AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36959

CWE-ID: CWE-200 - Information exposure

Exploit availability: No

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to information disclosure within the pinctrl_dt_to_map() function in drivers/pinctrl/devicetree.c. A local user can gain access to sensitive information.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

18) Input validation error

EUVDB-ID: #VU90850

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36880

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the qca_send_pre_shutdown_cmd(), qca_tlv_check_data() and qca_download_firmware() functions in drivers/bluetooth/btqca.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

19) Out-of-bounds read

EUVDB-ID: #VU90322

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26936

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the smb2_allocate_rsp_buf() function in fs/smb/server/smb2pdu.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

20) Race condition

EUVDB-ID: #VU93374

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36975

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the tpm2_key_encode() function in security/keys/trusted-keys/trusted_tpm2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

21) Input validation error

EUVDB-ID: #VU93673

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52882

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the sun50i_h6_ccu_probe() function in drivers/clk/sunxi-ng/ccu-sun50i-h6.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

22) Buffer overflow

EUVDB-ID: #VU91199

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35848

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the at24_probe() function in drivers/misc/eeprom/at24.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

23) Use-after-free

EUVDB-ID: #VU90049

Risk: High

CVSSv3.1: 7.8 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36886

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a remote attacker to compromise the affected system.

The vulnerability exists due to a use-after-free error within the tipc_buf_append() function in net/tipc/msg.c when processing fragmented TIPC messages. A remote attacker can send specially crafted packets to the system, trigger a use-after-free error and execute arbitrary code on the system in the context of the kernel.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

24) Use of uninitialized resource

EUVDB-ID: #VU90975

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36889

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the mptcp_stream_connect() function in net/mptcp/protocol.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

25) Buffer overflow

EUVDB-ID: #VU89675

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-27401

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary error within the packet_buffer_get() function in drivers/firewire/nosy.c. A local user can trigger memory corruption and perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

26) Out-of-bounds read

EUVDB-ID: #VU90271

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36906

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the ENDPROC() function in arch/arm/kernel/sleep.S. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

27) NULL pointer dereference

EUVDB-ID: #VU90529

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36937

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the __xdp_do_redirect_frame(), EXPORT_SYMBOL_GPL(), xdp_do_generic_redirect_map() and xdp_do_generic_redirect() functions in net/core/filter.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

28) Out-of-bounds write

EUVDB-ID: #VU89898

Risk: Low

CVSSv3.1: 6.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36016

CWE-ID: CWE-787 - Out-of-bounds write

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a boundary error within the gsm0_receive() function in drivers/tty/n_gsm.c. A local user can trigger an out-of-bounds write and execute arbitrary code with elevated privileges.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

29) Improper privilege management

EUVDB-ID: #VU93734

Risk: Low

CVSSv3.1: 3.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36964

CWE-ID: CWE-269 - Improper Privilege Management

Exploit availability: No

Description

The vulnerability allows a local user to read and manipulate data.

The vulnerability exists due to improperly imposed permissions within the p9mode2perm() function in fs/9p/vfs_inode.c. A local user can read and manipulate data.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

30) Use of uninitialized resource

EUVDB-ID: #VU90862

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36933

CWE-ID: CWE-908 - Use of Uninitialized Resource

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to use of uninitialized resource within the EXPORT_SYMBOL_GPL() and nsh_gso_segment() functions in net/nsh/nsh.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

31) Input validation error

EUVDB-ID: #VU94121

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36031

CWE-ID: CWE-20 - Improper input validation

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper input validation within the __key_instantiate_and_link() function in security/keys/key.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

32) Division by zero

EUVDB-ID: #VU91563

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36969

CWE-ID: CWE-369 - Divide By Zero

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a division by zero error within the setup_dsc_config() function in drivers/gpu/drm/amd/display/dc/dsc/dc_dsc.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

33) Memory leak

EUVDB-ID: #VU90431

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36954

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the tipc_buf_append() function in net/tipc/msg.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

34) Memory leak

EUVDB-ID: #VU90468

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26900

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the bind_rdev_to_array() function in drivers/md/md.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

35) Out-of-bounds read

EUVDB-ID: #VU90317

Risk: Low

CVSSv3.1: 6.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26952

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to execute arbitrary code.

The vulnerability exists due to an out-of-bounds read error within the smb2_tree_connect(), smb2_open(), smb2_query_dir(), smb2_get_ea(), smb2_set_info_file(), smb2_set_info(), fsctl_pipe_transceive() and smb2_ioctl() functions in fs/smb/server/smb2pdu.c, within the smb2_get_data_area_len() function in fs/smb/server/smb2misc.c. A local user can execute arbitrary code.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

36) Out-of-bounds read

EUVDB-ID: #VU93081

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36017

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the do_setvfinfo() function in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

37) Improper error handling

EUVDB-ID: #VU93468

Risk: Low

CVSSv3.1: 4.8 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-35947

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an error within the ddebug_tokenize() function in lib/dynamic_debug.c. A local user can crash the OS kernel.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

38) Buffer overflow

EUVDB-ID: #VU93307

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36965

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the scp_elf_read_ipi_buf_addr() and scp_ipi_init() functions in drivers/remoteproc/mtk_scp.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

39) Use-after-free

EUVDB-ID: #VU90068

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-52752

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the seq_printf() and spin_unlock() functions in fs/smb/client/cifs_debug.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

40) Race condition

EUVDB-ID: #VU93375

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36905

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a race condition within the tcp_send_fin() function in net/ipv4/tcp_output.c, within the tcp_rcv_state_process() function in net/ipv4/tcp_input.c, within the tcp_shutdown() and __tcp_close() functions in net/ipv4/tcp.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

41) NULL pointer dereference

EUVDB-ID: #VU90383

Risk: Low

CVSSv3.1: 3.2 [AV:L/AC:L/PR:L/UI:U/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36938

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the include/linux/skmsg.h. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

42) Race condition

EUVDB-ID: #VU91463

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36952

CWE-ID: CWE-362 - Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a race condition within the lpfc_vport_delete() function in drivers/scsi/lpfc/lpfc_vport.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

43) Double Free

EUVDB-ID: #VU90885

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36940

CWE-ID: CWE-415 - Double Free

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to a double free error within the pinctrl_enable() function in drivers/pinctrl/core.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

44) Out-of-bounds read

EUVDB-ID: #VU90273

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36916

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the iocg_kick_delay() function in block/blk-iocost.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

45) Improper locking

EUVDB-ID: #VU92360

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-38600

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the snd_card_disconnect() function in sound/core/init.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

46) Buffer overflow

EUVDB-ID: #VU93469

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36946

CWE-ID: CWE-119 - Memory corruption

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to memory corruption within the rtm_phonet_notify() function in net/phonet/pn_netlink.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

47) Improper error handling

EUVDB-ID: #VU93450

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36953

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the kvm_register_vgic_device() function in arch/arm64/kvm/vgic/vgic-kvm-device.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

48) Memory leak

EUVDB-ID: #VU91561

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36967

CWE-ID: CWE-401 - Missing release of memory after effective lifetime

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to memory leak within the tpm2_key_encode() function in security/keys/trusted-keys/trusted_tpm2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

49) Use-after-free

EUVDB-ID: #VU90200

Risk: Low

CVSSv3.1: 7.7 [AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-26886

CWE-ID: CWE-416 - Use After Free

Exploit availability: No

Description

The vulnerability allows a local user to escalate privileges on the system.

The vulnerability exists due to a use-after-free error within the bt_sock_recvmsg() and bt_sock_ioctl() functions in net/bluetooth/af_bluetooth.c. A local user can escalate privileges on the system.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

50) Out-of-bounds read

EUVDB-ID: #VU90266

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36934

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the bnad_debugfs_write_regrd() and bnad_debugfs_write_regwr() functions in drivers/net/ethernet/brocade/bna/bnad_debugfs.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

51) Improper error handling

EUVDB-ID: #VU92055

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36950

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the bus_reset_work() and irq_handler() functions in drivers/firewire/ohci.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

52) NULL pointer dereference

EUVDB-ID: #VU90528

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36941

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the nl80211_set_coalesce() function in net/wireless/nl80211.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

53) Out-of-bounds read

EUVDB-ID: #VU90272

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36883

CWE-ID: CWE-125 - Out-of-bounds read

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to an out-of-bounds read error within the net_alloc_generic() and register_pernet_operations() functions in net/core/net_namespace.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

54) Improper locking

EUVDB-ID: #VU91502

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36944

CWE-ID: CWE-667 - Improper Locking

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper locking within the qxl_fence_wait() function in drivers/gpu/drm/qxl/qxl_release.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

55) Improper error handling

EUVDB-ID: #VU92054

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36939

CWE-ID: CWE-388 - Error Handling

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to improper error handling within the nfs_net_init() function in fs/nfs/inode.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

56) NULL pointer dereference

EUVDB-ID: #VU91223

Risk: Low

CVSSv3.1: 4.8 [AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2024-36897

CWE-ID: CWE-476 - NULL Pointer Dereference

Exploit availability: No

Description

The vulnerability allows a local user to perform a denial of service (DoS) attack.

The vulnerability exists due to NULL pointer dereference within the construct_integrated_info() function in drivers/gpu/drm/amd/display/dc/bios/bios_parser2.c. A local user can perform a denial of service (DoS) attack.

Mitigation

Update the affected package linux-oracle-5.15 to the latest version.

Vulnerable software versions

Ubuntu: 20.04

linux-image-oracle (Ubuntu package): before 5.15.0.1065.71~20.04.1

linux-image-5.15.0-1065-oracle (Ubuntu package): before 5.15.0-1065.71~20.04.1

CPE2.3 External links

http://ubuntu.com/security/notices/USN-6957-1


Q & A

Can this vulnerability be exploited remotely?

No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###